(WWJ) - A major Metro-Detroit health system has been the victim of a cyberattack affecting a large number of patients, authorities say.
Michigan Attorney General Dana Nessel said that McLaren Health Care has suffered a ransomware attack. It is alleged that 2.5 million patients had their personal health information stolen.
Ransomware is a form of malware that is able to disable a company’s network. Data is typically stolen and then held hostage until a ransom is paid.
The group ALPHV, also known as BlackCat, has claimed responsibility for the attack, authorities said. The group is also linked to other cyberattacks including one on MGM Resorts.
According to a message last week allegedly from ALPHV, the information from McLaren was on the dark web and would be released in a few days if a ransom wasn’t received.
“This attack shows, once again, how susceptible our information infrastructure may be,” Nessel said. “Organizations that handle our most personal data have a responsibility to implement safety measures that can withstand cyber-attacks and ensure that a patient’s private health information remains private.”
McLaren Health Care is based in Grand Blanc, Michigan. It is made up of 15 hospitals, including the largest network of cancer centers and providers.in the state
McLaren says it is “…investigating reports that some of [its] data may be available on the dark web and will notify individuals whose information was impacted, if any, as soon as possible.”
The suspicious activity was allegedly detected in its systems in August. The ransomware attack was later confirmed and the computer network was taken offline while it was investigated, authorities say.
McLaren has retained security experts and is in touch with law enforcement. There has been no evidence suggesting the group still had access to its network, McLaren said.
The actual number of patients, the identities and type of personal health information is unknown.
Entities covered by HIPAA privacy rules are required to report data breaches of personal health information to the U.S. Department of Health and Human Services Office for Civil Rights. Breaches can be searched by state through the website's portal.
Experts say that cyberattacks on the healthcare industry have increased in both frequency and severity. Healthcare is targeted so often because of the amount of protected health information it stores. The average breach costs more than $11 million.
“Time is of the essence when a breach occurs to ensure affected individuals can take the necessary steps to protect their identities,” Nessel continued. “The Department’s website contains important measures for residents who believe their information may have been compromised.”
Experts say it’s important to not only protect your medical information, it’s also crucial to be aware of the warning signs that someone else is using your medical information.
The signs include:
- A bill from your doctor for services you did not receive;
- Errors in your Explanation of Benefits (EOB) statement like services you never received or prescription medications you don’t take;
- A call from a debt collector about a medical debt you don’t owe;
- Medical debt collection notices on your credit report that you don’t recognize;
- A notice from your health insurance company indicating you have reached your benefit limit; or
- You are denied insurance coverage because your medical records show a pre-existing condition you don’t have.
If you receive a notification letter or hear news about a data breach at one of your medical providers, take these steps to secure your medical and financial accounts:
- Change the passwords on medical portals that you use.
- Check EOBs from your insurers carefully.
- Contact your bank and credit card issuers and ask them to put an alert on your accounts.
For more information on how to respond to a data breach, the state has a resource available on its website called ‘Data Breaches: What to do Next Consumer Alert’.